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DETAILED ACTION 

1 . Claims 1 , 3-22, 24-43 and 45-53 are pending in the current application. 

Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1, 6-12, 16-22, 27-34, 40-43, 45-49 and 51-53 are rejected under 35 
U.S.C. 103(a) as being unpatentable over U.S. Patent No. 6,851,089 to Erickson et 
al. [hereinafter Erickson] in view of U.S. Patent No. 6,782,425 to Germscheid et al. 
[hereinafter Germscheid, both references cited in the previous office action]. 

4. As to claim 1 , Erickson teaches the invention substantially as claim including a 
method for the exchange of objects in a distributed computing environment [col. 25, line 
57 - col. 26, line 14], comprising: 

user accessing a client device [col. 7, lines 1-16]; and 

generating a computer programming language object from a data representation 
language representation of the object [a wrapper file has been created and stored, the 
wrapper file can be read by a wrapper builder application and deserialized, by known 
methods, to reproduce the objects that the wrapper comprises; col. 26, lines 20 - 30], 
wherein the object is an instance of a class in the computer programming language 
[wrapper builder application employs serialization to encode an internal object 
representation of a wrapper into XML format; col. 26, lines 16 - 20], and wherein the 
object is accessible for use during the accessing the client device [wrapper serialization 
component 1 170 provides for the storage and retrieval of wrappers in XML (Extensible 
Markup Language) through the process of Object Serialization; col. 25, line 59 - col. 26, 
line 13], and the client device receiving a message [XML data can be saved as a 
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wrapper file; col. 26, lines 15-20] in the data representation language [wrapper 
serialization component 1 1 70 implements the functionality by which wrappers are stored 
and retrieved, called serialization; col, 20, lines 22-48] from a service device in the 
distributed computing environment prior to the generating a computer programming 
language object [Serialization is used for lightweight persistence and for communication 
via sockets or Remote Method Invocation (RMI); col. 26, lines 3-16], wherein the 
message includes the data representation language representation of the object [XML 
format; col. 26, lines 15 - 20]. 

5. Although Erickson teaches the invention substantially as claimed, Erickson does 
not teach deleting the computer programming language object in response to the 
terminating access. 

However, Germscheid teaches secure access to sensitive data [col. 4, lines 42 - 
53] and deleting a computer programming language object in response to the 
terminating access [termination of session; col. 16, lines 1 - 6] so that the deleted object 
is not accessible by subsequent users of the client device [deletes the CCISession 
object which provides the secure access; col. 16, lines 1 - 6]. 

6. It would have been obvious to a person of ordinarily skilled in the art at the time 
of the invention to apply the teaching of deleting the computer programming language 
object in response to the terminating access as taught by Germscheid to the invention 
of Erickson because this would prevent unauthorized access to the object [col. 16, lines 
4 - 5 of Germscheid] and deallocates the storage for the object after the user has 
finished accessing the object. 

7. As to claim 6, Erickson as modified teaches generating a computer programming 
language object from a data representation language representation of the object is 
performed by a virtual machine executing within the client device [col. 25, lines 58 - 67 
of Erickson; examiner notes that a virtual machine is inherent to the Java environment]. 

8. As to claim 7, Erickson as modified teaches generating a plurality of computer 
programming language objects from data representation language representations of 
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the objects [col. 25, line 59 - col. 26, line 13 of Erickson], and deleting the plurality of 
computer programming language objects in response to the terminating access [col. 16, 
lines 1 - 6 of Germscheid]. 

9. As to claim 8, Erickson as modified teaches the data representation language is 
extensible Markup Language (XML) [XML; col. 25, line 59 - col. 26, line 13 of Erickson]. 

10. As to claim 9, Erickson as modified teaches the computer programming language 
is the Java programming language [col. 25, line 59 - col. 26, line 13 of Erickson]. 

11. As to claim 10, Erickson as modified teaches a method for the secure exchange 
of objects in a distributed computing environment [col. 25, line 57 - col. 26, line 14 of 
Erickson], comprising: 

a user accessing a client device [col. 7, lines 1 - 16 of Erickson]; 

the client device receiving a message in a data representation language from a 
service device in the distributed computing environment [col. 16, lines 1 - 30 of 
Erickson], wherein the message includes a data representation language 
representation of an object [XML format; col. 26, lines 15 - 20 of Erickson]; 

if the determining, determines the user has access rights to the computer 
programming language object [col. 15, lines 38-48 of Germscheid], generating the 
object from the data representation language representation of the object [a wrapper file 
has been created and stored, the wrapper file can be read by a wrapper builder 
application and deserialized, by known methods, to reproduce the objects that the 
wrapper comprises; col. 26, lines 20 - 30 of Erickson], wherein the object is an instance 
of a class in the computer programming language [wrapper builder application employs 
serialization to encode an internal object representation of a wrapper into XML format; 
col. 26, lines 16 - 20 of Erickson], and wherein the object is accessible for use during 
the accessing the client device [col. 25, line 59 - col. 26, line 13 of Erickson]; and 
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if the determining determines the user does not have access rights to the 
computer programming language object, not generating the object [col. 8, lines 4-11 of 
Germscheid]. 

1 2. As to claim 1 1 , Erickson as modified teaches the message further includes 
access information for the computer programming language object, wherein the 
determining if the user has access rights to the computer programming language object 
uses the access information [col. 7, lines 38 - 50 and col. 7, line 60 - col. 8, line 21 of 
Germscheid]. 

13. As to claim 12, Erickson as modified teaches deleting the computer programming 
language object in response to the user terminating access to the client device, wherein 
the deleted object is not accessible for use by subsequent users of the client device 
[col. 16, lines 1 - 6 of Germscheid]. 

14. As to claim 16, Erickson as modified teaches the user terminating the accessing 
the client device and storing the computer programming language object in response to 
the terminating access [wrapper file has been created and stored; col. 26, lines 21 - 30 
of Erickson]. 

15. As to claim 17, Erickson as modified teaches the user accessing the client device 
subsequent to the storing the object and accessing the stored object during the 
accessing the client device [col. 26, lines 21 - 30 of Erickson]. 

16. As to claim 18, Erickson as modified teaches storing access rights information of 
the user with the object, wherein the accessing the stored object comprises verifying the 
access rights of the user with the stored access rights information [col. 7, line 60 - col. 
8, line 3 of Germscheid]. 
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1 7. As to claims 19-21, they are rejected for the same reasons as claims 6, 8 and 9 
above. 

18. As to claim 22, this is an apparatus claim that corresponds to method claim 1 ; 
note the rejection to claim 1 above, which also meet this apparatus claim. 

1 9. As to claim 27, this is rejected for the same reason as claim 7 above. 

20. As to claim 28, Erickson as modified teaches a processor, a memory [host 
computer 1404; col. 26, lines 58 - 67 of Erickson], and a virtual machine executed by 
the processor from the memory, wherein the generating is performed by the virtual 
machine [col. 25, lines 58 - 67 of Erickson; examiner notes that a virtual machine is 
inherent to the Java environment]. 

21 . As to claim 29, Erickson as modified teaches the accepting, the terminating, and 
the deleting are performed by the virtual machine [col. 25, lines 58 - 67 of Erickson], 
wherein the object is stored in the memory subsequent to the generating, and wherein, 
in the deleting, the object is deleted from the memory [col. 16, lines 1 - 6 of 
Germscheid]. 

22. As to claims 30 and 31 , they are rejected for the same reasons as claims 8 and 9 
above. 

23. As to claims 32 - 34, these are system claims that correspond to method claims 
10-12; note the rejections to claims 10-12 above, which also meet these system 
claims. 



24. 



As to claim 40, this is rejected for the same reasons as claim 28 above. 
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25. As to claims 41 and 42, they are rejected for the same reasons as claims 8 and 9 
above. 

26. As to claim 43, this is a product claim that corresponds to method claim 1 ; note 
the rejection to claim 1 above, which also meet this product claim. 

27. As to claim 45, this is rejected for the same reason as claim 7 above. 

28. As to claim 46, this is rejected for the same reasons as claims 8 and 9 above. 

29. As to claims 47 - 49, these are product claims that correspond to method claims 
10-12; note the rejections to claims 10-12 above, which also meet these product 
claims. 

30. As to claims 51 and 52, these are rejected for the same reasons as claims 16 - 
18 above. 

31 . As to claim 53, Erickson as modified teaches the data representation language is 
extensible Markup Language (XML) [col. 25, lines 57-67 of Erickson] and the computer 
programming language is the Java programming language [col. 26, lines 1-16 of 
Erickson]. 

32. Claims 3-5, 13-15, 24-26, 35-39 and 50 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Erickson and Germscheid in view of U.S. Patent No. 
5,774,551 to Wu [cited in previous office action]. 

33. As to claim 3, Erickson as modified does not teach accessing a client device by 
coupling an identification device to the client and terminating access by decoupling the 
identification device from the client device. 



Application/Control Number: 09/663,665 Page 8 

Art Unit: 2194 

However, Wu teaches accessing a client device comprises the user coupling an 
identification device to the client device [authentication services 109 may include 
password or encrypted key based mechanisms such as... hardware/firmware based 
mechanisms, such as smart-card; col. 15, lines 54 - 65], wherein the identification 
device provides identification information of the user to the client device [the encrypted 
authentication tokens may be stored in a smart card, or other non-public storage facility; 
col. 10, lines 37 - 65], and wherein the termination the accessing comprises decoupling 
the identification device from the client device [system entry service 107 initiates a 
disconnect process, and handles the necessary physical disconnection and protocols 
for disconnecting from the system 100, Fig. 5; col. 19, line 57 - col. 20, line 9]. 

34. It would have been obvious to a person of ordinarily skilled in the art at the time 
of the invention to apply the teaching of accessing a client device by coupling an 
identification device to the client and terminating access by decoupling the identification 
device from the client device as taught by Wu to the invention of Erickson as modified 
because this allows any system entry service to be used transparently with any 
combination of account, password, session, or authentication services, including 
multiple instances of a given type of account management service and provides 
supports for unified login and logout with multiple authentication services [col. 6, lines 
15 -26 of Wu]. 

35. As to claim 4, Erickson as modified teaches the identification device is a smart 
card [the encrypted authentication tokens may be stored in a smart card, or other non- 
public storage facility; col. 10, lines 37 - 65 of Wu]. 

36. As to claim 5, Erickson as modified teaches the accessing a client device 
comprises the user logging on to the client device [Unified login is accomplished 
through a authentication token mapping process; col. 3, lines 55 - 67 of Wu] by 
providing user identification to the client device [the encrypted authentication tokens 
may be stored in a smart card, or other non-public storage facility; col. 10, lines 37 - 65 
of Wu], and wherein the terminating the accessing comprises the user logging off the 
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client device [user logouts 501 of the system entry service 107, either explicitly by 
invoking a specific method of the system entry service 107, or implicitly by shutting off 
the workstation or terminal the user is working on; col. 19, line 57 - col. 20, line 9 of 
Wu]. 

37. As to claims 13-15, they are rejected for the same reasons as claims 3-5 
above. As to the motivation for combining Erickson and Germscheid with Wu, see the 
rejection to claim 3 above. 

38. As to claims 24 and 25, these are apparatus claims that correspond to method 
claims 3 and 4; note the rejections to claims 3 and 4 above, which also meet these 
apparatus claims. As to the motivation for combining Erickson and Germscheid with 
Wu, see the rejection to claim 3 above. 

39. As to claim 26, Erickson as modified teaches the device is further configured to 
accept user input [col. 4, lines 41 - 54 of Germscheid] to initiate the terminating the user 
access [unified logout process ensures that the user's authentication token and 
credentials are removed; col. 19, line 57 - col. 20, line 8 of Wu]. As to the motivation for 
combining Erickson and Germscheid with Wu, see the rejection to claim 3 above. 

40. As to claims 35 and 36, these are system claims that correspond to method 
claims 13 and 14; note the rejections to claims 13 and 14 above, which also meet these 
system claims. As to the motivation for combining Erickson and Germscheid with Wu, 
see the rejection to claim 3 above. 

41 . As to claim 37, Erickson as modified teaches a memory [col. 26, lines 58 - 67 of 
Erickson], accept user input [col. 4, lines 41 - 54 of Germscheid] to terminate the 
access of the client device [col. 19, line 57 - col. 20, line 8 of Wu], and store the 
computer programming language object to the memory in response to the terminating 
access [col. 26, lines 21 - 30 of Erickson]. 
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42. As to claims 38 and 39, they are rejected for the same reasons as claims 17 and 
18 above. 

43. As to claim 50, this is a product claim that correspond to method claim 1 3; note 
the rejection to claim 13 above, which also meet these product claims. As to the 
motivation for combining Erickson and Germscheid with Wu, see the rejection to claim 3 
above. 

Response to Arguments 

44. Applicant's arguments filed 02/06/2006 have been fully considered but they are 
not persuasive. 

(1 ) Erickson in view of Germscheid fails to teach or suggest the client device 
receiving a message in the data representation language from a service device wherein 
the message includes the data representation language representation of the object [p. 
16, lines 10-25 and p. 19, lines 11-26]; 

(2) Erickson teaches that his wrapper builder and wrapper execution applications 
load wrappers using serialization locally from disk [p. 17, lines 1-12; p. 19, line 26-p. 20, 
line 10]; 

(3) Erickson is not concerned at all with security or preventing unauthorized 
access, Germscheid does not provide any motivation to modify Erickson's system [p. 
18, lines 1-9]; 

(4) Erickson teaches away from the examiner's proposed combination because 
Erickson discloses that his wrapper serialization component should persist for 
subsequent use [p. 18, lines 1-19]; 

(5) The combination of Erickson and Germscheid would only result in the deleting 
security session objects because Erickson's wrapper components are not security 
session objects [p. 18, line 19 - p. 19, line 3 and p. 20, line 23 - p. 21 , line 5]; 

(6) Germscheid fails to teach or suggest anything regarding including accessing 
information for a computer programming language object in a message that also include 
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a data representation language representation of the computer programming language 
object [p. 22, line 6- p. 23, line 2]; 

(7) The combination of Erickson, Germscheid and Wu fails to teach or suggest 
storing the computer programming language object in response to the user termination 
accessing the client device [p. 23, line 6 - p. 24, line 2]; and 

(8) The combination of Erickson, Germscheid and Wu fails to teach or suggest 
storing access rights information of the user with the object [p. 24, line 6 - p. 25, line 2]. 

In response to argument (1 ), examiner respectfully disagrees and notes that the 
wrapper file of Erickson corresponds to the message [see rejection to claim 1 above]. 
Erickson discloses reading a wrapper file [col. 26, lines 21-30] and the wrapper file 
contains XML data that is an object representation of a wrapper [col. 26, lines 15-21]. 
As to a client receiving a wrapper file, Erickson discloses a wrapper serialization 
component for storage and retrieval of wrappers using the Object Serialization process 
[col. 25, line 57 - col. 26, line 3]. Object Serialization supports the encoding of object 
into a stream of bytes and serialization is used for communication via Remote Method 
Invocation (RMI) [col. 26, lines 3-15]. Therefore, Erickson clearly discloses and 
suggests the ability to send and receive wrapper files over a network using the wrapper 
serialization component through the process of Object Serialization. As to argument 
(2), examiner disagrees and submits that Erickson's wrapper serialization component is 
capable of reading wrapper files from both local and remote locations. The wrapper 
serialization component operates in a similar way as applicant's invention. For 
example, applicant discloses using method gates in a distributed computing 
environment to allows remote Java objects to behave as local Java objects and method 
invocation and results may appear the same to the client whether the real object is local 
or remote [p. 54, lines 15-21]. 

As to argument (3), examiner respectfully disagrees and submits that Erickson 
disclose security and preventing unauthorized access by encoding objects to protect 
private and transient data [col. 26, lines 10-15]. Since Erickson discloses desire to 
protect private and transient data of an object, it would have been obvious to combine 
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Erickson' invention with Germscheid in order to prevent unauthorized access to the 
object. 

In response to arguments (4) and (7), examiner respectfully disagrees because 
Erickson discloses storing and retrieving a wrapper file [col. 20, lines 22-48]. When the 
wrapper file is read from storage a copy of the wrapper file would be created [read the 
serialized wrapper, reproduce the wrapper : col. 26, lines 20-30, emphasis added]. It 
would be obvious to delete the copy of the wrapper file when the client is finished with 
the temporary copy of the wrapper file. The combination of Erickson and Germscheid 
teach deleting an object and storing an object in response to termination, which is what 
the applicant claim in separate dependent claims [i.e. claims 7 and 16]. Applicant 
chooses to claim the features separately and argue against the individual reference that 
does not claim the separated features. In response to applicant's arguments against 
the references individually, one cannot show nonobviousness by attacking references 
individually where the rejections are based on combinations of references. See In re 
Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 
231 USPQ 375 (Fed. Cir. 1986). The combination of Erickson and Germscheid teaches 
deleting an object and storing an object in response to termination. 

As to argument (5), examiner respectfully disagrees and notes that the security 
session objects of Germscheid corresponds to the wrapper objects of Erickson because 
both objects provides access to a network resource [i.e. col. 27, lines 52-60 of Erickson 
and col. 9, lines 22-30 of Germscheid]. 

As to arguments (6) and (8), examiner respectfully disagrees and submits that 
the recited limitation "accessing information" is broad enough to correspond to the 
security profiles of Germscheid. The service levels as defined by security profiles 
regulate access to a resource [i.e. col. 7, line 60-col. 8, line 20 of Germscheid]. 

CONTACT INFORMATION 

45. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Li B. Zhen whose telephone number is (571) 272-3768. 
The examiner can normally be reached on Mon - Fri, 8:30am - 5pm. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, William Thomson can be reached on 571-272-3718. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

Li B. Zhen 
Examiner 
Art Unit 2194 
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